CVE-2024-54909 | GoldPanKit eva-server 4.1.0 download path information disclosure

Inserito da Angelo Barbosa | Feb 7, 2025 | CVE

A vulnerability was found in GoldPanKit eva-server 4.1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /api/resource/local/download. The manipulation of the argument path leads to information disclosure.

This vulnerability is known as CVE-2024-54909. The attack can only be initiated within the local network. There is no exploit available.

CVE-2024-54909 | GoldPanKit eva-server 4.1.0 download path information disclosure

Post correlati

CVE-2025-22737 | MagePeople WpTravelly Plugin up to 1.8.5 on WordPress authorization

CVE-2024-24963 | AutomationDirect Productivity 3000 P3-550E 1.2.10.9 Programming Software Connection FileSelect stack-based overflow (icsa-24-144-01)

CVE-2024-54508 | Apple tvOS Web memory corruption

CVE-2024-6419 | SourceCodester Medicine Tracker System 1.0 Master.php id sql injection